F-A Payment 20-26 force.xlsx
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
|
||
|
malicious
Score: 100
|
System: unknown
|
| IP | Country | Detection |
|---|---|---|
| 185.147.80.213 | Russian Federation |  |
| 45.143.138.47 | Russian Federation | |
| 103.133.106.239 | Viet Nam | |
| Name | IP | Detection |
|---|---|---|
| cpf-th.com | 45.143.138.47 | |
| green9wsdyelectronicsandkitchenappliance.duckdns.org | 103.133.106.239 | |
| Name | Detection |
|---|---|
| http://cpf-th.com/dark/five/fre.php | |
| http://green9wsdyelectronicsandkitchenappliance.duckdns.org/office360/regasm.exe | |
| http://www.ibsensoftware.com/ |  |
| Click to see the 1 hidden entries | |
| https://curl.haxx.se/docs/http-cookies.html | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SQEVR752\regasm[1].exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Roaming\vbc.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\Desktop\~$F-A Payment 20-26 force.xlsx |
data | # | |
| Click to see the 5 hidden entries | |||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\64CBAD52.jpeg |
gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 700x990, frames 3 | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\99303755.emf |
Windows Enhanced Metafile (EMF) image data version 0x10000 | # | |
C:\Users\user\AppData\Local\Temp\data.xml |
ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Roaming\85CB65\5E97AF.lck |
very short file (no magic) | # | |
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-290172400-2828352916-2832973385-1004\ce1d9ab061b5b7ff17c765603e761dae_0f4f5130-48fa-4204-b1c4-585fbb81cd25 |
data | # | |
